Script ACL

Pastupe · ‎11-01-2017

Hello

Im getting lost in scripting ACL

What I need is to create ACL where:

User can see only tickets where user is member of group to which ticket is either assigned or watchlisted

Anyone know how to do it?

With the below script Im not getting correct results for READ ACL.

See it below, it should give me back 6 records to read and it giving me back just 3, why ?

please help

/Petr

Chuck Tomasi · ‎11-01-2017

As noted before, try it with one ACL criteria and two ACLs. Debug the one to determine group membership first. Test it, get it working, etc. If someone comes along later and says "No, we don't need that" it's a simple matter of deactivating it rather than modifying code. Don't pile both bits of logic in one ACL.

ACL 1:

answer = gs.getUser().isMemberOf(current.u_assignment_group.getDisplayValue());

ACL 2:

var result = false;

var list = current.u_support_team_involved.toString().split(',');

for (var i = 0; i < list.length; i++) {

var grp = new GlideRecord('sys_user_group');

grp.get(list[i]);

if (gs.getUser().isMemberOf(grp.getDisplayValue()) {

result = true;

break;

}

answer = result;

View solution in original post

Pastupe · ‎11-01-2017

Quick question

Should I better think to create before query business rule? Will it work better then ACL when it comes to rows displayed in the list ?

/Petr

G_Ede · ‎11-01-2017

This might help? how to remove the message "Number of rows removed from this list by Security constraints"

Pastupe · ‎11-01-2017

This is really confusing not only for me but can be as well for others - List is now set to display 50 records and it display just 10

last 1 is displayed on the next page even the list is set to display 50 rows

Thanks to all of you who contributed and spent time with me here to solve this problem. Thanks very much!!!

/Petr

Pastupe · ‎11-01-2017

correct anser as well